I started working for Oracle as consultant 10 years ago, with a challenge: develop a portal with independent web applications, that should require a single login and display restricted information depending on where you were located (intranet or internet). Developing the application was a straightforward task. The real challenge was how to address the security requirements without punishing the end-user experience. I had a blast when I figured out that the network segmentation (and not my application or my access management solution) would be the solution. Ever since that moment, I realized that information security would be an active part of my life. The fact that good security requires a holistic view, broad knowledge, creativity, and balance (between controls and system usability) puzzles me every day...and I love puzzles.

Why did you get your CCSP®?

The cloud accelerated adoption together with its new technologies and agile methods are changing the IT landscape in a way I've never seen before. As a curriculum developer, my job is to teach IT administrators, developers, architects, governance and security professionals how to implement good security (in-depth, cost-effective, and best suited to the most relevant security risks). I decided to get my CCSP to grasp the cloud security aspects and main differences compared to the on-premises architecture. This way, I can teach my students what are the best approaches to secure their solutions in the cloud.

What is a typical day like for you?

My typical day starts early, with a quick browse through news on the web, while having breakfast. After that, I commute to the office, where the work begins. I usually spend good part of my time working with peers -- product managers, developers, instructors, and engineers -- getting up to speed with new technologies. After this, I focus on developing learning assets. Because Okta is a pioneer in Identity as a Service (IDaaS), we are always inventing new stuff. These assets include courses, tutorials, presentations, and architectural documents. These materials are made available to Okta customers, employees, and partners online and via Okta Education. Often, I present my work in special events.

Can you tell us about a personal career highlight?

I love to present and it feels very special when I have opportunities to do this publicly. I believe a personal career highlight for me was my first Oracle OpenWorld presentation about Identity Governance. That was a 6.5 hour workshop, where I taught IT administrators and developers how they could use IT solutions to meet GRC requirements and enforce access certification, detect and act upon segregation of duties violations, and implement automated reporting. Connect technical and administrative security controls is always rewarding and I was able to do that at a great level for these people. The success was so big I had to record the same workshop in a TV studio. Ever since, I got the opportunity to deliver more presentations about Cloud Security Architecture and IDaaS in Oracle OpenWorld. This year, I am planning to deliver some cloude development presentations for Okta.

How has the CCSP certification helped you in your career?

The CCSP certification works as a great business card when I am talking with cloud architects. They feel confident and connected to me due to my security knowledge and a vocabulary that's compatible to their technology. The certification knowledge helps me every day with my tasks. The certification also brought me a considerable raise in my paycheck, which is always welcome.

What is the most useful advice you have for other cloud security professionals?

I believe the most important piece of advice today is to keep up to date and step-up fast. Security is one of the most relevant aspects of cloud computing and the world is getting more complex (new concepts, technologies, and regulations are appearing every single day). Several companies are starting their cloud journeys today and now it’s the ideal time to approach security the right way (by design). The best way to stay up to date is to keep in contact with the community (e.g. Meetups) and to try out innovative technologies such as Okta. One of the good things with the cloud is how it’s easy to experiment. Most providers grant trial accounts for free, which is an easy and convenient way to start.

I started working for Oracle as consultant 10 years ago, with a challenge: develop a portal with independent web applications, that should require a single login and display restricted information depending on where you were located (intranet or internet). Developing the application was a straightforward task. The real challenge was how to address the security requirements without punishing the end-user experience. I had a blast when I figured out that the network segmentation (and not my application or my access management solution) would be the solution. Ever since that moment, I realized that information security would be an active part of my life. The fact that good security requires a holistic view, broad knowledge, creativity, and balance (between controls and system usability) puzzles me every day...and I love puzzles.

Why did you get your CCSP®?

The cloud accelerated adoption together with its new technologies and agile methods are changing the IT landscape in a way I've never seen before. As a curriculum developer, my job is to teach IT administrators, developers, architects, governance and security professionals how to implement good security (in-depth, cost-effective, and best suited to the most relevant security risks). I decided to get my CCSP to grasp the cloud security aspects and main differences compared to the on-premises architecture. This way, I can teach my students what are the best approaches to secure their solutions in the cloud.

What is a typical day like for you?

My typical day starts early, with a quick browse through news on the web, while having breakfast. After that, I commute to the office, where the work begins. I usually spend good part of my time working with peers -- product managers, developers, instructors, and engineers -- getting up to speed with new technologies. After this, I focus on developing learning assets. Because Okta is a pioneer in Identity as a Service (IDaaS), we are always inventing new stuff. These assets include courses, tutorials, presentations, and architectural documents. These materials are made available to Okta customers, employees, and partners online and via Okta Education. Often, I present my work in special events.

Can you tell us about a personal career highlight?

I love to present and it feels very special when I have opportunities to do this publicly. I believe a personal career highlight for me was my first Oracle OpenWorld presentation about Identity Governance. That was a 6.5 hour workshop, where I taught IT administrators and developers how they could use IT solutions to meet GRC requirements and enforce access certification, detect and act upon segregation of duties violations, and implement automated reporting. Connect technical and administrative security controls is always rewarding and I was able to do that at a great level for these people. The success was so big I had to record the same workshop in a TV studio. Ever since, I got the opportunity to deliver more presentations about Cloud Security Architecture and IDaaS in Oracle OpenWorld. This year, I am planning to deliver some cloude development presentations for Okta.

How has the CCSP certification helped you in your career?

The CCSP certification works as a great business card when I am talking with cloud architects. They feel confident and connected to me due to my security knowledge and a vocabulary that's compatible to their technology. The certification knowledge helps me every day with my tasks. The certification also brought me a considerable raise in my paycheck, which is always welcome.

What is the most useful advice you have for other cloud security professionals?

I believe the most important piece of advice today is to keep up to date and step-up fast. Security is one of the most relevant aspects of cloud computing and the world is getting more complex (new concepts, technologies, and regulations are appearing every single day). Several companies are starting their cloud journeys today and now it’s the ideal time to approach security the right way (by design). The best way to stay up to date is to keep in contact with the community (e.g. Meetups) and to try out innovative technologies such as Okta. One of the good things with the cloud is how it’s easy to experiment. Most providers grant trial accounts for free, which is an easy and convenient way to start.